Class PublicRefreshPublicClientAuthenticationConverter

java.lang.Object
com.broadleafcommerce.auth.authorization.security.spring.PublicRefreshPublicClientAuthenticationConverter
All Implemented Interfaces:
org.springframework.security.web.authentication.AuthenticationConverter

public final class PublicRefreshPublicClientAuthenticationConverter extends Object implements org.springframework.security.web.authentication.AuthenticationConverter
Attempts to extract the parameters from HttpServletRequest used for authenticating public clients using Proof Key for Code Exchange (PKCE) or refresh token. This is a customized version of the original Spring class (PublicClientAuthenticationConverter). The difference here is that we allow public clients to also convert with a valid refresh token and redirect uri for refresh_token grant flows.
See Also:
  • Constructor Details

    • PublicRefreshPublicClientAuthenticationConverter

      public PublicRefreshPublicClientAuthenticationConverter()
  • Method Details

    • convert

      @Nullable public org.springframework.security.core.Authentication convert(jakarta.servlet.http.HttpServletRequest request)
      Specified by:
      convert in interface org.springframework.security.web.authentication.AuthenticationConverter